-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 13.5.0, 13.5.1, 13.5.2, 14.1.1, 14.5.0, 5.5.1, 6.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 6.0.0.5, 6.5.0, 6.0.0.6
-
Component/s: entitlements, policy
Bug description
effectiveRange where second date (Mon Dec 31 16:00:00 SGT 2018) would be "older" than the first date (Wed Jan 02 16:00:00 SGT 2019) result unable to access the resource.
How to reproduce the issue
Details steps outlining how to recreate the issue (remove this text)
- Create a policy called test in Default Policy Set
- Set resource type to URL and the resources to http://www.example.com:8080/*
- Allow GET & POST actions
- Allow all of Authenticated Users
- Set Environments type to time with:
- start time 00:00
- end time: 23:59
- start day: mon
- end day: sun
- time zone: etc/gmt-8
- Using REST call to evaluate the policy
curl -X POST \ 'http://am.example.com:8080/openam/json/policies/?_action=evaluate' \ -H 'Content-Type: application/json' \ -H 'cache-control: no-cache' \ -H 'iplanetDirectoryPro: AQIC5wM2LY4SfcxzOvfCd1kpUPzZ7grdA6GmNJKcZHcLt0c.*AAJTSQACMDEAAlNLABMtOTIzN TA0OTA4MDY2MTg2ODQ1AAJTMQAA*' \ <--amadmin sso token id -d '{ "resources" : [ "http://www.example.com:8080/index.html" ], "subject" : { "ssoToken" : "AQIC5wM2LY4SfcxzOvfCd1kpUPzZ7grdA6GmNJKcZHcLt0c.*AAJTSQACMDEAAlNLABMtOTIzNTA0OTA4MDY2MTg2ODQ1AAJTMQAA*" <--amadmin sso token id }, "application" : "iPlanetAMWebAgentService" }'
Expected behaviour
[ { "resource": "http://www.example.com:8080/index.html", "actions": { "POST": true, "GET": true }, "attributes": {}, "advices": {}, "ttl": 9223372036854775807 } ]
Current behaviour
[ { "resource": "http://www.example.com:8080/index.html", "actions": {}, "attributes": {}, "advices": {}, "ttl": 9223372036854775807 } ]
The resource could not be access on 1 Jan 2017 , 31 December 2018 1-6 Jan 2019. The sample script is attached in this bug on reproducing them. Test.java